kernel: protection fault trap, code=0 Stopped at done_flush+0x38: movl %eax,%dr6 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic the kernel did not panic ddb> trace done_flush() at done_flush+0x38 vm_run(ffff800021758b80) at vm_run+0x163 vmmioctl(a00,c0205602,ffff800021758b80,1,ffff80002170f000) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd80798570d8,c0205602,ffff800021758b80,1,fffffd807f7d7820,ffff80002170f000) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806bd31ea0,c0205602,ffff800021758b80,ffff80002170f000) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002170f000,ffff800021758c90,ffff800021758ce0) at sys_ioctl+0x49e syscall(ffff800021758d60) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x5a2fbf95fb0, count: -8 ddb> show registers rdi 0x6c14 __ALIGN_SIZE+0x5c14 rsi 0xffff80002e87de30 rbp 0xffff8000217588d0 rbx 0x756e6547 rdx 0x49656e69 rcx 0x6c65746e rax 0xfffffffeffffffff r8 0 r9 0x10000 __ALIGN_SIZE+0xf000 r10 0x74781828d1233127 r11 0xfaca24a02173c689 r12 0xffff80002e87dba8 r13 0xffff800021758806 r14 0xffff80002e87d800 r15 0x246 rip 0xffffffff826bcc7b done_flush+0x38 cs 0x8 rflags 0x10046 __ALIGN_SIZE+0xf046 rsp 0xffff800021758736 ss 0x10 done_flush+0x38: movl %eax,%dr6 ddb> show proc PROC (syz-executor.0) tid=10105 pid=35888 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=76, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff800021710540,0xffffffff82c39120 process=0xffff8000ffff73c0 user=0xffff800021753000, vmspace=0xfffffd805b7ef8a8 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 35888 85559 67576 0 2 0 syz-executor.0 *35888 10105 67576 0 7 0x4000000 syz-executor.0 60081 356860 51289 0 2 0 syz-executor.5 60081 203833 51289 0 3 0x4000080 fsleep syz-executor.5 94789 122486 17131 0 3 0x80 nanoslp syz-executor.1 94789 57145 17131 0 3 0x4000080 fsleep syz-executor.1 56918 425478 4569 0 2 0 syz-executor.3 56918 473477 4569 0 3 0x4000080 fsleep syz-executor.3 8439 177688 92433 0 2 0 syz-executor.4 8439 328030 92433 0 3 0x4000080 ttyout syz-executor.4 67576 48561 74516 0 3 0x82 nanoslp syz-executor.0 38551 47775 74516 0 2 0x2 syz-executor.7 51289 283894 74516 0 3 0x82 nanoslp syz-executor.5 9255 495366 74516 0 3 0x82 nanoslp syz-executor.6 4569 183397 74516 0 3 0x82 nanoslp syz-executor.3 92433 411745 74516 0 3 0x82 nanoslp syz-executor.4 62489 322526 74516 0 3 0x82 nanoslp syz-executor.2 17131 328506 74516 0 3 0x82 nanoslp syz-executor.1 20820 186547 1 0 3 0x100083 ttyin getty 33715 479359 0 0 3 0x14200 bored sosplice 74516 406054 74698 0 3 0x2000082 wait syz-fuzzer 74516 194209 74698 0 3 0x6000082 nanoslp syz-fuzzer 74516 472032 74698 0 3 0x6000082 wait syz-fuzzer 74516 309619 74698 0 3 0x6000082 wait syz-fuzzer 74516 163238 74698 0 3 0x6000082 thrsleep syz-fuzzer 74516 19774 74698 0 3 0x6000082 wait syz-fuzzer 74516 75125 74698 0 3 0x6000082 wait syz-fuzzer 74516 211208 74698 0 3 0x6000082 thrsleep syz-fuzzer 74516 408031 74698 0 3 0x6000082 kqread syz-fuzzer 74516 339757 74698 0 3 0x6000082 wait syz-fuzzer 74516 73459 74698 0 3 0x6000082 thrsleep syz-fuzzer 74516 166613 74698 0 3 0x6000082 wait syz-fuzzer 74516 424955 74698 0 3 0x6000082 thrsleep syz-fuzzer 74516 314087 74698 0 3 0x6000082 wait syz-fuzzer 74698 203086 62097 0 3 0x10008a sigsusp ksh 62097 133326 77304 0 3 0x9a kqread sshd 77304 287849 1 0 3 0x88 kqread sshd 31173 433743 7835 73 3 0x1100090 kqread syslogd 7835 294402 1 0 3 0x100082 netio syslogd 75149 444047 1 0 3 0x100080 kqread resolvd 48996 193243 71974 77 3 0x100092 kqread dhcpleased 42797 61320 71974 77 3 0x100092 kqread dhcpleased 71974 236923 1 0 3 0x80 kqread dhcpleased 79398 226870 0 0 3 0x14200 bored smr 93062 53101 0 0 2 0x14200 zerothread 16597 92419 0 0 3 0x14200 aiodoned aiodoned 15356 348501 0 0 3 0x14200 syncer update 57323 213688 0 0 3 0x14200 cleaner cleaner 84334 143309 0 0 3 0x14200 reaper reaper 42036 66765 0 0 3 0x14200 pgdaemon pagedaemon 97384 6021 0 0 3 0x14200 bored viomb 56300 341379 0 0 3 0x40014200 acpi0 acpi0 96653 45915 0 0 3 0x14200 bored softnet3 88339 419549 0 0 3 0x14200 bored softnet2 84284 103551 0 0 3 0x14200 bored softnet1 94366 140492 0 0 3 0x14200 bored softnet0 11002 417883 0 0 3 0x14200 bored systqmp 31175 320161 0 0 3 0x14200 bored systq 80853 266789 0 0 3 0x40014200 tmoslp softclock 73391 154037 0 0 3 0x40014200 idle0 1 219193 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10201 6554K 8005K 78643K 40124 0 pcb 13 24K 32K 78643K 977 0 rtable 244 15K 15K 78643K 949 0 pf 32 9K 10K 78643K 227 0 ifaddr 44 12K 13K 78643K 185 0 ifgroup 55 2K 2K 78643K 358 0 sysctl 3 0K 0K 78643K 3 0 counters 29 17K 17K 78643K 120 0 ioctlops 0 0K 2K 78643K 570 0 iov 0 0K 16K 78643K 364 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1516 95K 95K 78643K 8683 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 9K 78643K 51 0 VM map 2 1K 1K 78643K 2 0 sem 12 1K 1K 78643K 747 0 dirhash 12 2K 2K 78643K 21 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 16 57K 73K 78643K 6012 0 sigio 0 0K 0K 78643K 145 0 proc 58 59K 83K 78643K 1070 0 subproc 104 6K 6K 78643K 295 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 987 0 in_multi 99 7K 7K 78643K 330 0 ether_multi 1 0K 0K 78643K 18 0 mrt 0 0K 0K 78643K 10 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 145 652K 652K 78643K 145 0 exec 0 0K 1K 78643K 1855 0 pfkey data 0 0K 0K 78643K 6 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 401 214K 215K 78643K 57430 0 UVM aobj 131 6K 6K 78643K 132 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 91 0 NDP 12 0K 1K 78643K 147 0 temp 74 5916K 6044K 78643K 85589 0 kqueue 12 18K 26K 78643K 389 0 SYN cache 2 1236K 1244K 78643K 3 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 302 0 299 4 3 1 3 0 8 0 rtentry 112 276 0 164 4 0 4 4 0 8 0 unpcb 144 5442 0 5429 53 47 6 6 0 8 5 syncache 312 66 0 66 15 14 1 1 0 8 1 tcpqe 32 113 0 113 13 12 1 1 0 8 1 tcpcb 808 2030 0 2007 72 69 3 15 0 8 0 arp 88 48 0 29 1 0 1 1 0 8 0 ipq 40 11 0 10 5 4 1 1 0 8 0 ipqe 40 159 0 158 5 4 1 1 0 8 0 inpcb 336 6474 0 6443 130 121 9 23 0 8 5 ip6q 72 2 0 2 1 1 0 1 0 8 0 ip6af 40 3 0 3 1 1 0 1 0 8 0 nd6 104 75 0 50 1 0 1 1 0 8 0 pkpcb 40 147 0 147 4 4 0 1 0 8 0 kcovpl 48 22 0 14 1 0 1 1 0 8 0 ppxss 1160 37 0 37 9 9 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1127 0 662 37 7 30 30 0 8 0 art_table 32 1128 0 662 4 0 4 4 0 8 0 art_node 16 275 0 173 1 0 1 1 0 8 0 semupl 112 2 0 2 1 1 0 1 0 8 0 semapl 112 743 0 733 1 0 1 1 0 8 0 shmpl 112 129 0 1 4 0 4 4 0 8 0 dirhash 1024 23 0 6 3 0 3 3 0 8 0 dino2pl 256 9631 0 8161 93 0 93 93 0 8 0 ffsino 240 9631 0 8161 87 0 87 87 0 8 0 nchpl 144 18055 0 16419 63 0 63 63 0 8 0 uvmvnodes 80 10106 0 0 207 0 207 207 0 8 0 vnodes 216 10106 0 0 562 0 562 562 0 8 0 namei 1024 66668 0 66667 7 6 1 3 0 8 0 vcpupl 2048 70 0 0 9 0 9 9 0 8 0 vmpool 664 75 0 5 7 1 6 6 0 8 0 kstatmem 264 206 0 182 2 0 2 2 0 8 0 scxspl 216 60253 0 60253 26 24 2 8 1 8 2 plimitpl 152 994 0 978 1 0 1 1 0 8 0 sigapl 424 6303 0 6258 8 1 7 8 0 8 0 futexpl 64 62024 0 62021 4 3 1 1 0 8 0 knotepl 120 51638 0 51558 4 1 3 4 0 8 0 kqueuepl 184 964 0 956 14 13 1 4 0 8 0 pipepl 288 1232 0 1204 32 28 4 7 0 8 1 fdescpl 432 6265 0 6238 4 0 4 4 0 8 0 filepl 120 45636 0 45394 80 65 15 16 0 8 7 lockfpl 104 1918 0 1916 4 3 1 2 0 8 0 lockfspl 48 599 0 597 1 0 1 1 0 8 0 sessionpl 144 38 0 22 1 0 1 1 0 8 0 pgrppl 48 151 0 135 1 0 1 1 0 8 0 ucredpl 104 4980 0 4967 1 0 1 1 0 8 0 zombiepl 144 6260 0 6258 1 0 1 1 0 8 0 processpl 1008 6303 0 6258 11 4 7 9 0 8 0 procpl 680 15192 0 15129 13 6 7 8 0 8 0 sosppl 168 64 0 61 6 5 1 1 0 8 0 sockpl 456 12375 0 12332 329 314 15 37 0 8 8 mcl64k 65536 202 0 202 17 16 1 1 0 8 1 mcl16k 16384 111 0 111 15 14 1 1 0 8 1 mcl12k 12288 174 0 174 17 16 1 1 0 8 1 mcl9k 9216 102 0 102 12 11 1 1 0 8 1 mcl8k 8192 354 0 354 14 13 1 1 0 8 1 mcl4k 4096 710 0 710 11 10 1 2 0 8 1 mcl2k2 2112 34 0 34 12 11 1 1 0 8 1 mcl2k 2048 78818 0 78764 50 41 9 29 0 8 1 mtagpl 96 1772 0 1175 23 7 16 16 0 8 0 mbufpl 256 177519 0 176775 351 297 54 95 0 8 5 bufpl 288 17504 0 11107 458 0 458 458 0 8 0 anonpl 24 700149 0 685951 167 55 112 120 0 188 5 amapchunkpl 152 195035 0 194173 84 44 40 48 0 158 3 amappl16 200 14452 0 13928 76 39 37 40 0 8 8 amappl15 192 36 0 34 1 0 1 1 0 8 0 amappl14 184 192 0 182 2 1 1 2 0 8 0 amappl13 176 9 0 8 1 0 1 1 0 8 0 amappl12 168 7119 0 7090 2 0 2 2 0 8 0 amappl11 160 62 0 52 1 0 1 1 0 8 0 amappl10 152 33 0 25 2 1 1 1 0 8 0 amappl9 144 199 0 196 1 0 1 1 0 8 0 amappl8 136 380 0 302 3 0 3 3 0 8 0 amappl7 128 210 0 187 2 0 2 2 0 8 0 amappl6 120 496 0 482 1 0 1 1 0 8 0 amappl5 112 225 0 216 1 0 1 1 0 8 0 amappl4 104 570 0 546 2 1 1 2 0 8 0 amappl3 96 35939 0 35854 5 2 3 3 0 8 0 amappl2 88 7006 0 6935 3 0 3 3 0 8 0 amappl1 80 31401 0 30900 22 10 12 22 0 8 0 amappl 88 56619 0 56380 8 1 7 7 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 131 0 1 3 0 3 3 0 8 0 uaddrrnd 24 6340 0 6243 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 6340 0 6243 1 0 1 1 0 8 0 vmmpekpl 168 44972 0 44896 4 0 4 4 0 8 0 vmmpepl 168 383111 0 380652 263 143 120 137 0 357 3 vmsppl 368 6339 0 6243 9 0 9 9 0 8 0 rwobjpl 24 102617 0 90826 74 2 72 72 0 8 0 pdppl 4096 12686 0 12556 464 330 134 134 0 8 4 pvpl 32 1868288 0 1848456 391 194 197 349 0 265 18 pmappl 216 6339 0 6243 6 0 6 6 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1891 0 974 27 0 27 27 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff800021758b80) at vm_run+0x163 vmmioctl(a00,c0205602,ffff800021758b80,1,ffff80002170f000) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd80798570d8,c0205602,ffff800021758b80,1,fffffd807f7d7820,ffff80002170f000) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806bd31ea0,c0205602,ffff800021758b80,ffff80002170f000) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002170f000,ffff800021758c90,ffff800021758ce0) at sys_ioctl+0x49e syscall(ffff800021758d60) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x5a2fbf95fb0, count: -8 ddb> machine ddbcpu 1 No such command ddb> trace done_flush() at done_flush+0x38 vm_run(ffff800021758b80) at vm_run+0x163 vmmioctl(a00,c0205602,ffff800021758b80,1,ffff80002170f000) at vmmioctl+0x299 sys/dev/vmm/vmm.c:242 VOP_IOCTL(fffffd80798570d8,c0205602,ffff800021758b80,1,fffffd807f7d7820,ffff80002170f000) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806bd31ea0,c0205602,ffff800021758b80,ffff80002170f000) at vn_ioctl+0xbb sys/kern/vfs_vnops.c:525 sys_ioctl(ffff80002170f000,ffff800021758c90,ffff800021758ce0) at sys_ioctl+0x49e syscall(ffff800021758d60) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x5a2fbf95fb0, count: -8